Chinese Hackers Exploit Zero-Day Cisco Switch Flaw to Gain System Control

August 22, 2024 at 12:18PM

A China-nexus threat group, Velvet Ant, exploited a recently patched security flaw in Cisco switches as a zero-day, enabling extensive system control and evasion of detection. This involved weaponizing CVE-2024-20399 to deliver bespoke malware, facilitate data exfiltration, and establish persistent access. The attackers’ sophisticated tactics and use of open-source tools …

Patch Now: Cisco Zero-Day Under Fire From Chinese APT

July 2, 2024 at 09:22AM

Cisco has patched a command-line injection flaw (CVE-2024-20399, CVSS 6.0) in its NX-OS software, used for managing switches in data centers. The flaw can allow authenticated attackers to execute arbitrary commands as root. It has been exploited by the China-backed threat group Velvet Ant. Cisco has released updates to patch …

Cisco Patches NX-OS Zero-Day Exploited by Chinese Cyberspies

July 2, 2024 at 05:18AM

Cisco has released patches for a zero-day vulnerability, CVE-2024-20399, in its NX-OS software. The medium-severity flaw allows local attackers to execute arbitrary commands with root privileges. Exploited by a China-linked cyberespionage group, the bug impacts various Cisco switch series. Cybersecurity firm Sygnia discovered and reported the vulnerability and advises updating …

Chinese Hackers Exploiting Cisco Switches Zero-Day to Deliver Malware

July 2, 2024 at 02:08AM

Velvet Ant, a Chinese cyber espionage group, has exploited a zero-day flaw in Cisco NX-OS Software to deliver custom malware and gain control over compromised Cisco Nexus devices. This vulnerability, CVE-2024-20399, allows an attacker with administrator credentials to execute commands as root. The impacted devices include various Nexus switches. Additionally, …